Collabtive Security Vulnerabilities and Issues — Collabtive CVE List

Lucene search

O-dynCollabtive

3 matches found

CVE•added 2014/05/13 2:55 p.m.•48 views

CVE-2014-3246

SQL injection vulnerability in Collabtive 1.2 allows remote authenticated users to execute arbitrary SQL commands via the folder parameter in a fileview_list action to manageajax.php.

6.5CVSS8AI score0.00704EPSS

CVE•added 2014/05/15 2:55 p.m.•44 views

CVE-2014-3247

Cross-site scripting (XSS) vulnerability in Collabtive 1.2 allows remote authenticated users to inject arbitrary web script or HTML via the desc parameter in an Add project (addpro) action to admin.php.

4.3CVSS5.3AI score0.00799EPSS

CVE•added 2014/01/21 3:17 p.m.•37 views

CVE-2013-6872

SQL injection vulnerability in managetimetracker.php in Collabtive before 1.2 allows remote authenticated users to execute arbitrary SQL commands via the id parameter in a projectpdf action.

6.5CVSS8.1AI score0.03576EPSS